Though notice that I specified the v1.3.0-rc1 tag… And let the system do its magic!

(Update : For the stable, release you can omit the -rc1 part!)

Note ; Be aware that this is an early release candidate. Do not use this for your production! There is for instance a bug with the GUI, where the “Auto”-theme is malfunctioning. So switch to light or dark to get that one fixed. 😉

So what will we be doing today? We are going to leverage the power of the combination between docker containers & the rancher eco system. As a demonstration, we’ll be publishing “Owncloud” with a “mysql” backend. As we tend to like it a bit more secure, we’ll introduce a loadbalancer service as SSL termination. This as we want to keep our “Owncloud” as “vanilla” as possible. We’ll be pointing that service towards the outside world and will make it accessible via the “external dns”.

What can we optimize further about the design? (but is out-of-scope for today)

What is one of the biggest business advantages of Azure? You are only charge for your actual usage per minute. For many organizations, the cost of a development/test environment is a sore spot as this costs a handful of cash. Today will introduce you to Azure Automation, which will let you orchestrate things, as stopping/starting your environment.

What are we going to do?

Setup a dedicated account for our scheduled runbooks

Configure two runbooks ; “stop all servers” & “start all servers”

Schedule those runbooks

Setup a dedicated account for our scheduled runbooks

In my opinion, you always needs to set up dedicated accounts for services. They should not be running under anyones “personal” account. At a given point they will leave the company. At that time, if the system is still active and the user account will be decommissioned, the system will cease to halt. In addition, this will also give you a traceability of the actions of the given service.

It’s also advised to note down both the full username (dixit, username@account.onmicrosoft.com) and the password you have assigned. After the creation, be sure to login with the account. You will be asked to change your password. If you “forget” (too lazy huh?) to do this step, you will get an authentication error when trying to use this account for your automations (So yes, I tried to be lazy too…).

Configure two runbooks ; “stop all servers” & “start all servers”

In this phase, we’ll do the following

Create the Automation account (“folder”) under the Runbooks will be stored

Create a “start all servers” runbook from the gallery

Create a “stop all servers” runbook from the gallery

Browse to “Automation”, select “Runbook” and then choose “From Gallery”

In the gallery, go to “VM Lifecycle Management”, and select “Azure Automation Workflow to Schedule starting of all Azure Virtual Machines”

Press next, review the code. The code is pretty straight forward… But we’ll get into that later on.

Now enter the name of your runbook, and choose “Create a new automation account”. Give the account a name and choose your subscription & region.

Now we’ll repeat the process for the “stop all servers” runbook.

Now browse back to the “Automation” screen ;

Before we can go on with these steps, we’ll need to add our user to the “Assets” of our “Automation Account”. Browse to “Assets” and select “Add settings”.

Select “Add credential”… Then use “Windows Powershell Credential” as “Credential Type” and name the credential.

Now enter the user information you noted down earlier… and press save.

You are now good to go!

Select “Runbooks”, now you can see both runbooks we just created.

Select the “Stop-AllAzureVM” & adjust the two parameters and press save ;

-Name “username@domain.onmicrosoft.com”

-Subscriptionname “Subscription Name”

Select the “Start-AllAzureVM” & adjust the three parameters and press save ;

-Name “username@domain.onmicrosoft.com”

-Subscriptionname “Subscription Name”

-Name “Your Most Important Server”

What did we just do for both scripts? We entered the user account & subscription under which the script will be executed. This is a mandatory step and understandingly so. Now let us test the “StartAllAzureVM”-script… I’ve prepared two virtual machines, which are currently shutdown.

So we’ll press “Test” on the runbook…

And yes, we are sure. Azure Automation will save the runbook one more time to be safe.

The output pane will show the status “starting”.

And it will change to “running” after a while.

.

Once you see the code below, you will know that you have been authenticated. So all our hard work with creating the user paid off! If you do not see this, that is the part you should be debugging…

Suddenly our “most important server” will be showing the status “Starting”…

And the output pane will verify this status!

So basically, we are safe to say that our script works. Let’s publish the runbooks so that we can schedule them later on.

For each runbook, press the “publish”-button

We are sure, and you will see the runbook shift from “draft” to “published”.

Congrats so far! We are now ready to schedule those babies!

Schedule those runbooks

So which steps will we be doing in this phase?

Create two schedules ; “start of business day” & “end of business day”

Now we have both schedules. One that will occur at 08:00 and another one that will occur at 17:00 (5pm). Now let’s link our runbooks…

Go to our “Automation Account”, and select “Runbooks”. Click on one of them

Go to “Schedule”, and press “Link to an existing schedule”.

Select the schedule…

And you will see the schedule attached.

Rince & repeat for the other one.

Summary

With the power of automation & a gallery of pre-made runbooks, we were able to save our business tons of money by only running the servers during the business hours. Be aware that the above example does not accompany holidays / weekends… In addition, the money saving is “limited” to the “compute”, as the storage of your devices will remain “active” (on disk).

Up in the Clouds

Views are my own

The content of this blog will, at all times, portray my own views. At no time will this reflect the views of the organization I am linked to. Neither can the information provided be used as support statement.